Articles about vulnerability

GnuPG patched to thwart 'fake filename'

If you're a developer relying on GnuPG, check upstream for an update that plugs an input sanitisation bug. The short version, given in CVE-2018-12020, is that mainproc.c mishandles the filename, and as a result, an attacker can spoof the output it sends to other programs. “For example, the OpenPGP data might represent an …

Spectre-protectors: If there's something strange in your CPU, who you gonna call?

Enhanced Spectre-protectors will soon come to the Chrome browser, as its desktop stable channel hit version 67.0.3396.62 and upgrades for Windows, Mac and Linux have started to flow. The Spectre mitigation comes in the form of enhanced site isolation, first introduced in Chrome 63, in which pages from different sites run in …

ISP popped router ports, saving customers the trouble of making themselves hackable

Singaporean broadband subscribers were left vulnerable to attackers after their ISP opened remote access ports on their gigabit modems and forgot to close them. The discovery was made by NewSky Security researcher Ankit Anubhav, who used Shodan to scan for SingTel routers open on port 10,000 – the default Network Data …

Softbank's 'Pepper' robot is a security joke

Softbank's popular anthropomorphic robot, Pepper, has myriad security holes according to research published by Scandinavian researchers earlier this month. The 'bot allows unauthenticated root-level access, runs a Meltdown/Spectre-vulnerable processor, can be administered over unencrypted HTTP and has a default root password …

Electron patches patch after security researcher bypassed said patch

In an update last week, the developers of Electron – the toolkit used to craft widely used apps from Skype and Slack to Atom – shipped a patch to their January patch, and now, an infosec researcher has explained why. A remote-code execution vulnerability, CVE-2018-1000006, was found in Windows applications developed using …

Big bimmer bummer: Bavaria's BMW buggies battered by bad bugs

A security audit conducted by Tencent's Keen Security Lab on BMW cars has given the luxury automaker a handy crop of bugs to fix – including a backdoor in infotainment units fitted since 2012. Now that the patches are gradually being distributed to owners, the Chinese infosec team has gone public with its security audit, …

Victoria's educational apps-for-students let creeps contact kids

Updated: Google and the Victorian Department of Education have set parents, students, teachers, and the Office of the Australian Information Commissioner a poser: at what point does a feature become a vulnerability? Or just too creepy to put in front of kids? Victoria's teachers and students have adopted a system based on Google Apps …

I got 257 problems, and they're all open source: Report shines light on Wild West of software

A report on open-source security management and licence compliance may make uncomfortable reading for those who maintain codebases that use the stuff. The document – produced by Black Duck, which sells services to make sure users are on top of their estate and so has a vested interest here – looked at 1,100 commercial …
Richard Speed, 17 May 2018

UPnP joins the 'just turn it off on consumer devices, already' club

Universal Plug 'n' Play, that eternal feast of the black-hat, has been identified as helping to amplify denial-of-service attacks. Researchers at Imperva looked into misbehaving UPnP implementations after spotting odd attack traffic while analysing a Simple Service Discovery Protocol (SSDP, an Internet proposal absorbed into …

Red Hat admin? Get off Twitter and patch this DHCP client bug

Red Hat has announced a critical vulnerability in its DHCP client and while it doesn't have a brand name it does have a Tweetable proof-of-concept. Discovered by Googler Felix Wilhelm, CVE-2018-1111 is a command injection bug in the Red Hat Enterprise Linux and derivative DHCP clients. Wilhelm Tweeted: “CVE 2018-1111 is a …

Wanna break Microsoft's Edge browser? Google's explained how

Back in February 2018, Google's Project Zero went public with a Microsoft Edge bug that Redmond couldn't fix in time for its next patch release. Now, the Google researcher - Ivan Fratric - has provided a detailed technical explanation of the problem and says Microsoft's fix might not be adequate. Fratric discovered that an …

Family Planning office warns customers private parts may be exposed

The Australian State of New South Wales' reproductive and sexual health organisation Family Planning NSW has advised users of an April 2018 ransomware attack that may have compromised sensitive information. The agency apparently retained web form messages on the public-facing server, meaning if its database was breached, …

Have you updated your Electron app? We hope so. There was a bad code-injection bug in it

Electron – the widely used desktop application framework that renders top programs such as Slack, Atom, and Visual Studio Code – suffered from a security vulnerability that potentially allows miscreants to execute evil code on victims' computers. That means applications relying on Electron may need updating. If you use an …

OpenFlow protocol has a switch authentication vulnerability

The early software-defined networking protocol, OpenFlow, has a vulnerability – but will anyone fix it? That's the question on the mind of The Register's networking desk, as we await confirmation of the bug by the Open Networking Foundation. In this post at the oss-sec list, Kashyap Thimmaraju from the Technical University of …

Every major OS maker misread Intel's docs. Now their kernels can be hijacked or crashed

Updated: Linux, Windows, macOS, FreeBSD, and some implementations of Xen have a design flaw that could allow attackers to, at best, crash Intel and AMD-powered computers. At worst, miscreants can, potentially, "gain access to sensitive memory information or control low-level operating system functions," which is a fancy way of saying …

Quit WebEx now if you want to live! (Bad bugs, not killer slideware)

It's time for Cisco's Midweek Misery, netadmins, with four critical vulns to patch and a slew of others to look over if you have time. WebEx has two nasties, CVE-2018-0112 and CVE-2018-0264. CVE-2018-0112 is a remote code execution (RCE) vulnerability in two clients (the WebEx Business Suite client and WebEx Meetings), and …

Vlad that's over: Remote code flaws in Schneider Electric apps whacked

Infosec researchers at Tenable Security have unearthed a remote code execution flaw in critical infrastructure software made by energy management multinational Schneider Electric. The vulnerability could have allowed miscreants to control underlying critical infrastructure systems, researchers said. The apps affected – used …
Kat Hall, 2 May 2018

Umm, Oracle – about that patch? It might not be very sticky ...

Earlier this month, Oracle patched a critical vulnerability in its WebLogic server – but someone identifying himself as an Alibaba security researcher reckons Big Red botched the patch. The bug in question was fixed in Oracle's 254-strong quarterly patch-fest that was headlined by Java and Spectre fixes. Tucked way down on …

Biting the hand that feeds IT © 1998–2018